package com.myself.security.app;

import com.myself.security.core.authentiction.mobile.SmsCodeAuthenticationSecurityConfig;
import com.myself.security.core.properties.SecurityProperties;
import com.myself.security.core.validate.code.SmsCodeFilter;
import com.myself.security.core.validate.code.ValidateCodeFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.social.security.SpringSocialConfigurer;

/**
 * @Author:AwakeningCode
 * @Date: Created in 20:26 2018\4\5 0005
 */
@Configuration
@EnableResourceServer
public class MyselfResourceServerConfig extends ResourceServerConfigurerAdapter{

    @Autowired
    private SecurityProperties securityProperties;

    @Autowired
    private AuthenticationSuccessHandler myselfAuthenticationSuccessHandler;

    @Autowired
    private AuthenticationFailureHandler myselfAuthenctiationFailHandler;


    @Autowired
    private SmsCodeAuthenticationSecurityConfig smsCodeAuthenticationSecurityConfig;

    @Autowired
    private SpringSocialConfigurer myselfSocialSecurityConfig;

    @Override
    public void configure(HttpSecurity http) throws Exception {
       // ValidateCodeFilter validateCodeFilter = new ValidateCodeFilter();
        //validateCodeFilter.setMyselfAuthenctiationFailHandler(myselfAuthenctiationFailHandler);
        //validateCodeFilter.setSecurityProperties(securityProperties);
//        validateCodeFilter.afterPropertiesSet();

        SmsCodeFilter smsCodeFilter = new SmsCodeFilter();
        smsCodeFilter.setMyselfAuthenctiationFailHandler(myselfAuthenctiationFailHandler);
        smsCodeFilter.setSecurityProperties(securityProperties);
        smsCodeFilter.afterPropertiesSet();

        //http.httpBasic()
        http.addFilterBefore(smsCodeFilter, UsernamePasswordAuthenticationFilter.class)
               // .addFilterBefore(validateCodeFilter, UsernamePasswordAuthenticationFilter.class)
                .formLogin()    //表单登录
                .loginPage("/authentication/require")
                .loginProcessingUrl("/authentication/from")
                .successHandler(myselfAuthenticationSuccessHandler)
                .failureHandler(myselfAuthenctiationFailHandler)
                .and()
                .authorizeRequests()
                .antMatchers("/authentication/require",
                        securityProperties.getBrowser().getLoginPage(),
                        "/code/*",securityProperties.getBrowser().getSignUpUrl(),"/user/regist",
                        "/session/invalid")
                .permitAll()
                .anyRequest()       //对任何请求
                .authenticated()
                .and()
                .csrf().disable() //暂时取消csrf token功能
                .apply(smsCodeAuthenticationSecurityConfig)
                .and()
                .apply(myselfSocialSecurityConfig);
    }
}
